Cardiff University | Prifysgol Caerdydd ORCA
Online Research @ Cardiff 
WelshClear Cookie - decide language by browser settings

Cyberattacks and countermeasures for in-vehicle networks

Aliwa, Emad, Rana, Omer ORCID:, Perera, Charith ORCID: and Burnap, Peter ORCID: 2021. Cyberattacks and countermeasures for in-vehicle networks. ACM Computing Surveys 54 (1) , 21. 10.1145/3431233

Full text not available from this repository.


As connectivity between and within vehicles increases, so does concern about safety and security. Various automotive serial protocols are used inside vehicles such as Controller Area Network (CAN), Local Interconnect Network (LIN), and FlexRay. CAN Bus is the most used in-vehicle network protocol to support exchange of vehicle parameters between Electronic Control Units (ECUs). This protocol lacks security mechanisms by design and is therefore vulnerable to various attacks. Furthermore, connectivity of vehicles has made the CAN Bus vulnerable not only from within the vehicle but also from outside. With the rise of connected cars, more entry points and interfaces have been introduced on board vehicles, thereby also leading to a wider potential attack surface. Existing security mechanisms focus on the use of encryption, authentication, and vehicle Intrusion Detection Systems (IDS), which operate under various constraints such as low bandwidth, small frame size (e.g., in the CAN protocol), limited availability of computational resources, and real-time sensitivity. We survey and classify current cryptographic and IDS approaches and compare these approaches based on criteria such as real-time constraints, types of hardware used, changes in CAN Bus behaviour, types of attack mitigation, and software/ hardware used to validate these approaches. We conclude with mitigation strategies limitations and research challenges for the future.

Item Type: Article
Date Type: Publication
Status: Published
Schools: Computer Science & Informatics
Publisher: Association for Computing Machinery (ACM)
ISSN: 0360-0300
Date of First Compliant Deposit: 9 March 2021
Date of Acceptance: 1 October 2020
Last Modified: 04 Jan 2023 02:23

Actions (repository staff only)

Edit Item Edit Item